Nmap Development mailing list archives
Re: Fyodor, I would like to have your point of vue on SinFP tool
From: GomoR <nmap-hackers () gomor org>
Date: Sat, 13 May 2006 14:06:00 +0200
On Fri, May 12, 2006 at 05:41:56PM -0700, Fyodor wrote: [..]
No, I think it is entirely appropriate here. Thanks for posting, even
Perfect.
though I was already familiar with SinFP. I took a look at it in March while Zhao Lei and I were working on a 2nd generation fingerprinting system for Nmap.
Thank you ;)
It is a great little tool, though I dispute the web page statement that Nmap's "approach to OS fingerprinting is becoming to be obsolete" due to "stateful filtering devices, PAT/NAT configurations and emerging packet normalization technologies".
Yes, and I need to apologies for that. When I released it the first time (on june 2005), I got nearly zero replies. And the one I received were not useful. So, I changed my mind, and resolved to use marketting wording, to trick people into trying SinFP. It is not simple to change user habits.
I agree that those obstacles can be a challenge, but Nmap is pretty resilient to most of this. It has to be, given that people use it across just about every sort of network available. But I hope the new system will be even more powerful.
Well, I used to work for a company that developped a vulnerability scanner. And when you see nmap giving Turtle OS, when it is, in fact, a classical Linux, you change your mind. But I am not here to start a troll or flamewar. Just to finish on this subject; I will add: No response from a probe is not meaningful. We cannot conclude anything. No bug report from users is not meaningful. We cannot conclude anything.
I hope to release a paper very soon to nmap-dev documenting that upcoming system. We would of course appreciate your input.
And I will be very glad to comment on it, to help make nmap better.
Cheers, -F
-- ^ ___ ___ http://www.GomoR.org/ <-+ | / __ |__/ Systems & Security Engineer | | \__/ | \ ---[ zsh$ alias psed='perl -pe ' ]--- | +--> Net::Packet <=> http://search.cpan.org/~gomor/ <--+ _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- Fyodor, I would like to have your point of vue on SinFP tool GomoR (May 06)
- Re: Fyodor, I would like to have your point of vue on SinFP tool Fyodor (May 12)
- <Possible follow-ups>
- Re: Fyodor, I would like to have your point of vue on SinFP tool GomoR (May 13)